Playmood

**Name of the Vulnerable Software and Affected Versions** BigTree CMS version 4.4.16 **Description** The issue allows attackers to execute arbitrary code via a crafted PDF file, exploiting an arbitrary file upload vulnerability. **Recommendations** For BigTree CMS version 4.4.16, update to a version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting file uploads to minimize the risk of exploitation.